What keeps senior IT security pros up at night? It's not what you think
In the security space, last year was one for the books. Edward Snowden made waves after leaking classified documents detailing government surveillance programs, which raised privacy and security concerns for individuals and enterprises worldwide. Data breach after data breach of major retailers and brands shook every industry to its core, leaving IT teams wondering, “could this happen to us?”

The story of Pwnie Express
In April, Help Net Security attended InfoSec World 2014 Conference & Expo in sunny Orlando where we sat down with Mark Hughes, who had a number of roles with Pwnie Express since its inception. In this very interesting 40-minute podcast, Mr. Hughes shares the story of Pwnie Express, from its roots in the security community, through initial success, to their new enterprise-class solutions.

Building a more secure and agile Internet
The National Science Foundation's (NSF) Directorate for Computer and Information Science and Engineering (CISE) awarded $15 million to support three multi-institutional projects that will further develop, deploy and test future Internet architectures. These pilot networks are designed to enhance security, respond to emerging service challenges and enable the scalability of the information infrastructure upon which Internet users increasingly rely.

NSA allegedly puts backdoors on American-made network devices
Glenn Greenwald's new book titled No Place to Hide was published last week. Aside from telling the story of how he worked with NSA whistleblower Edward Snowden and journalist Laura Poitras to make public the mind-blowing extent of mass US surveillance, the book also includes a number of revelations and documents that have not been previously shared with the public.

Whitepaper: 10 network security tools you should use
Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying attention to security. This paper provides a list of 10 security tools or tests that will help you check out suspicious issues and keep ahead of new risks and threats.

The importance of continuous monitoring
In this podcast, recorded at Infosecurity Europe 2014, Corey Bodzin, VP of Product Management at Qualys, discusses the need for continuous monitoring of the growing perimeter and the new QualysGuard Continuous Monitoring solution, which can scan the entire perimeter of even large global networks on a frequent basis and report any rules violations as email alerts or to the company's SIEM.

Bad news for Cryptocat as it debuts Encrypted Facebook Chat
Mere days after Cryptocat creator Nadim Kobeissi announced that the latest update of the popular software will allow Facebook users to use encrypted chat, the social network has made known its intention of shutting down its Chat API/XMPP Services by April 30th 2015.

Making the web a safe place to visit
In this podcast, recorded at Infosecurity Europe 2014, Branden Spikes, CEO, CTO & Founder of Spikes Security, talks about making the web a safe place to visit with the use of isolation technology for preventing malicious content from infecting endpoints.

Malvertising up by over 200%
Online Trust Alliance (OTA) Executive Director and President Craig Spiezle testified before the U.S. Senate’s Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations, outlining the risks of malicious advertising, and possible solutions to stem the rising tide.

(IN)SECURE Magazine Infosecurity Europe special issue released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Presented in this issue are some of the most interesting news and companies we've seen at this year's Infosecurity Europe conference and exhibition.

Fake mobile AV apps sold on Google Play and Windows Phone Store
Remember when the popular but totally useless security app named Virus Shield appeared for sale on Google Play and netted its creators over $40,000 before being removed from the online market? Well, the app has been resurrected, and this time the targets are Windows Phone users.

NIST's cryptographic material under review
The National Institute of Standards and Technology (NIST) announced that its primary advisory committee, the Visiting Committee on Advanced Technology (VCAT), has begun its review of the institute’s cryptographic standards and guidelines program.

Cybercriminals targeting unlikely sources to carry out high-profile exploits
Cybercriminals continuously discover more ways to successfully target new outlets for financial theft, according to Trend Micro. Greed is motivating cybercriminals to take a non-traditional approach in the selection of unlikely targets, such as advanced threats to Point-of-Sale (PoS) terminals and the exploitation of disasters.

Tor cannot protect you from targeted surveillance
In the wake of all the revelations about mass Internet surveillance efforts by the US NSA, many users, as well as many businesses and government agencies around the world, have turned to the Tor anonymity network to keep their sensitive information out of the hands of intelligence agencies and of anyone else who'd like to steal it. But Andy Malone, founder of the Cybercrime Security Forum and Microsoft MVP, warns that using Tor does not guarantee the information you're trying to keep hidden won't be compromised.

Spotlight

Microsoft Edge, the new browser in Windows 10, represents a significant increase in security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions.

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can be used not only to answer the question of whether or not we are in a cyberwar, but also to show how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.